Category Archives: Privacy

Post navigation

For a number of (really good) reasons, I’ve not been able to spend much time following the endless, ever-forthcoming details about the US government’s decision to vacuum up as much of our communication data as possible.

Even from such a less-than-ideal base of knowledge, and even though it will take months or years for everything to come out (if ever), I already believe the following:

No mountain of prestigious journalistic prizes can repay the debt owed to the Guardian and Glenn Greenwald by the citizens of this country.

President Obama should immediately grant Snowden a full presidential pardon — and, further, give Snowden his own (prematurely given and, as is now clear, unearned) Nobel Peace Prize as a token of his gratitude.

Concerns about the steady erosion of civil liberties and all-too-quick slide into a surveillance state are finally starting to get a sliver of the traction they should have gotten since roughly the end of 2001.

The erosion of civil liberties via state surveillance has been accompanied by an ever-shrinking capacity for citizens to monitor the state. This ranges from the mundane (e.g., police officers routinely harassing, arresting, injuring, and/or falsely charging people for photographing or recording them in public) to the profound (e.g., charging journalists as “co-conspirators” for soliciting restricted information).

There is perhaps no better test of whether technology activists will be able to mobilize the public en masse on behalf of a desired change — rather than, as in the SOPA blackout, against an unpopular proposed change.

Whether or not an anti-surveillance movement can effect major changes in policy is not a fair measure of whether and how well such a movement performs as a movement; better measures include people mobilized to action, mainstream coverage, and policymakers and allies recruited.

Regardless of whether it is fair to measure an anti-surveillance movement based on policy outcomes, such policy outcomes may be a fair way to measure the viability of our democracy. If we can’t get people on the left, right, and center to join together to take back the Fourth Amendment, the promises of our Constitution are pretty hollow indeed. (Satire or not, this hits close to home.)

If I were in the position of Snowden, Greenwald, or the Guardian, I hope and believe that I would make pretty much the same decisions.

I say all of this publicly, even though I no longer have faith that I can do so without fear of retribution (yes, I use that term deliberately) by the state.

So, to the snoops that are undoubtedly listening — even though it’s unlikely that any human will ever actually read this tiny speck in an ocean of data — come and get me.

If what Snowden did lands him in prison, being there next to him would be an honor. If blowing the lid off a giant, proto-police-state phone and internet surveillance operation is wrong, I don’t want to be right. If leaking state secrets in the public interest puts one in danger of torture, indefinite detention, exile, or being disappeared, we’re all in danger — and for most people, this will be because too few will be brave enough to take such a risk to protect the citizenry from the state.

So consider me part of the conspiracy, Mr./Ms. Snoop. Tell your supervisors that we have a dissident who needs closer scrutiny and maybe a visit from an agent.

I’d rather go to prison, right now, for the rest of my life than to live in complicity as we slide ever-closer toward becoming a bona fide police state.

And just to increase the odds that a real human does see this: bombs Al Qaeda assassinate infidels fertilizer kill death murder planes airports President Obama Capitol White House 9/11 TNT flying with liquids in containers larger than 100 ml (3 oz. for you SAE holdouts) and not taking off my accursed shoes. So there.

P.S. If there’s one consequence I do fear as a result of this post specifically, it’s being put on the no-fly list — itself a particularly apt illustration of the intersection of terrorism paranoia, unchecked executive branch power, and rank bureaucratic incompetence.

It’s been a whirlwind news cycle over the past 48 hours. Welcome to the 21st century surveillance state. We’ve been living here for some time, but no one bothered to say so until now. In grappling with it all, I keep returning to a few literary classics.

“Contrary to common belief even among the educated, Huxley and Orwell did not prophecy the same thing. Orwell warns that we will be overcome by an externally imposed oppression. But in Huxley’s vision, no Big Brother is required to deprive people of their autonomy, maturity and history. As he saw it, people will come to love their oppression, to adore the technologies that undo the capacities to think.

What Orwell feared were those who would ban books. What Huxley feared was that there would be no reason to ban a book, for there would be no one who wanted to read one. Orwell feared those who would deprive us of information. Huxley feared those who would give us so much that we would be reduced to passivity and egoism. Orwell feared that the truth would be concealed from us. Huxley feared the truth would be drowned in a sea of irrelevance. Orwell feared we would become a captive culture. Huxley feared we would become a trivial culture… In 1984, Huxley added, people are controlled by inflicting pain. In Brave New World, they are controlled by inflicting pleasure.”

(emphasis added)

On a Thursday afternoon panel at Personal Democracy Forum, Zeynep Tufecki argued that big data in campaigns is paving the way for a future that is equal parts Orwell and Huxley. The threat comes less from electoral campaigns themselves than from well-financed economic players who will replicate and enhance the new market techniques in other arenas. Our powers of monitoring and distraction are growing at an outlandish pace.

Through cosmic coincidence, the first news about PRISM broke just after her panel. Along with monitoring all of our phone calls through Verizon, it seems the NSA is also capable of accessing all communications via Google/Gmail/YouTube, Microsoft/Skype, Facebook, Yahoo, Apple, Aol, and Paltalk. According to the career intelligence officer who leaked the information, “They quite literally can watch your ideas form as you type.”

PRISM is Orwell’s America. Really, what else can you call it? If, two weeks ago, Someone told me that the government was soaking up all our online data, capable of reading things while we type them, I would have backed away slowly, wondering where they left their tin foil hat. Then the Washington Post told me instead. The depth and breadth of this domestic spying program is just astonishing.

But Huxley’s vision is the reason this Orwellian architecture can be constructed. Consider:

And it’s not just the front page of the Washington Post. Tune in to your Twitter stream tomorrow, around 9:30PM EST. I guarantee you that no one will be discussing PRISM. They’ll be talking about Daenerys Stormborn and Arya Stark. They’ll be talking about Lebron James and Tony Parker. They’ll be trading jokes about Don Draper and Joan Holloway. It’s like Kurt Cobain said, “With the lights out, it’s less dangerous. Here we are now, entertain us.”

I see room for just a bit of anti-Huxley hope. Also at Personal Democracy Forum, Sara Critchfield talked about Upworthy.com. Upworthy has only been around for a year and a half, and it already reaches 2/3rds of all Americans. Their business model is surprisingly simple: find “socially positive” stories, repackage them with more engaging headlines, and help them go viral. Eli Pariser founded Upworthy after he wrote The Filter Bubble(see my review here). It was founded on the premise that peopleactually want more than cat videos and celebrity gossip. Provide engaging, inspiring, thought-provoking, or enraging content and people will read it, share it, and discuss it. We just have to get better at marketing the quality content as well as we market the junk content.

Upworthy’s success gives reason for hope. Sunday night, I’ll be watching the NBA Finals and Game of Thrones. But Monday, I’ll probably see some PRISM-related content from Upworthy in my media stream, and I’ll share it and participate further in the public conversation. How much hope we should have is directly proportional to how large of a niche companies like Upworthy will eventually occupy. How widely are those diverse preferences for substantive and entertaining comments spread? Can we sustain national attention around issues like PRISM for long enough to demand answers and action from public officials, or will we quickly flip to the next story?

I don’t know. But, as we marvel at this newly unveiled Orwellian surveillance state, it’s these Huxley-esque questions that will concern me most.

We don’t arrive at this surveillance regime through a perpetual state of fear. We get there through perpetual distraction.

Sasha Issenberg, author of The Victory Lab, gave a talk at GW last night. The book offers a strong take on the impact of the Analyst Institute on American political campaigning. It traces the emergence of more sophisticated (and more widely available) voter data, and also traces the emergence of rigorous social scientific experiments that help campaigns optimize their outreach tactics. It’s well worth your time.

During Q&A, an interesting tangent came up: political campaigns won’t talk with reporters about their data practices. They didn’t want to give anything away that their opponents could use. The Obama campaign told its staff not to talk to Issenberg. When other reporters write articles about campaign data mining, the campaigns don’t offer corrections if they’ve gotten it wrong. What little public record we have of these activities is based on reporters’ best guesses, without the usual corrective of sources shouting them down via the blogosphere.

This morning, one of those potential sources weighed in. Ethan Roeder, data director of Obama for America, wrote an Op-Ed for the New York Times titled “I Am Not Big Brother.” Pushing back against some of hype, he tells us, “You may chafe at how much the online world knows about you, but campaigns don’t know anything more about your online behavior than any retailer, news outlet or savvy blogger.”

The truth is probably somewhere between Roeder and the underinformed headlines. It’s true that campaigns don’t know anything more about our online behavior than retailers like Target, but what those retailers know is pretty disturbing. And c’mon, the Obama campaign operates at a scale and complexity far greater than any “savvy blogger.” That scale matters for what questions the campaign is going to ask, and what it is going to do with our information.

As a researcher who studies how organizations adapt to the digital environment, the real trouble here is that it’s nearly impossible to move beyond vague impressions. Campaigns have an incentive not to talk to reporters. They have an even greater incentive not to talk to academic researchers (at least without a non-disclosure agreement firmly in hand…). When the journalistic coverage gets basic facts wrong, scholars have little way of knowing. When campaigners disagree after-the-fact, we can’t tell whether they’re correcting the public record or trying to smooth away rightful mistrust.

Academics at our best offer healthy skepticism to the public discourse. There are important conversations for us to have about the implications of refined digital marketing, management, and persuasion techniques for a healthy democracy. But it’s going to be systematically difficult to engage in those conversations, because the underlying facts just aren’t going to be very clear.

(I’ve been MIA for months now, but I just submitted my grades and am finally writing a loooong overdue blog post.)

A Hunter alumnus asked me (on Facebook, no less):

Any thoughts on the most recent “privacy concerns” regarding facebook?

For starters, let’s put it this way: I gave the Diaspora project $25 and will soon proudly be rocking their T-shirt.

Also, you can drop the scare quotes. It should creep everyone out how easy it is to cyber-stalk anybody with a FB profile who doesn’t watch the company’s privacy moves like a hawk. People who joined early and kept everything limited to “just friends” but didn’t update their settings have now had what they thought was private information laid bare for the world to see. This is not just immoral; it borders on fraudulent, and it’s potentially dangerous.

Lokman Tsui, a dear friend and U Penn classmate, killed his FB profile, and I fully support and understand his decision. I’m thinking about doing the same, but the costs and benefits are diminished in my case; my wife will continue updating me about our family and friends, as well as telling the world when we’re out of state.

This issue isn’t going away. In his public statements on the issue, FB chief Mark Zuckerberg is incredibly cavalier and uncaring about his users’ privacy. (Listen to this interview on NPR. The opening exchange is incredibly revealing:

Melissa Block: We’ve been hearing these protests getting louder and louder. There’s a “We’re quitting Facebook” campaign on the net. Did this level of user anger catch you off guard?

Mark Zuckerberg: You know, whenever we launch products, a lot of people like the products, and a lot of people are critical, and I think that’s just something that comes with having more than 400 million people using your service. So what we try to do is we try to build the products that we think are best, and then we listen to what people are saying, how people are talking to their friends about the product, what they tell us, the emails that they send us.

What we heard loud and clear this time was that people wanted simpler controls for how to share their information. We spent the last few weeks building those. It was a pretty big effort, but we really wanted to make sure that we were responding to the feedback that we were hearing, so that’s what we rolled out.

This is an amazingly sketchy dodge of the actual question and the real issue. People were and are mad because Facebook began with a simple privacy policy, simple privacy settings, and privacy as the default. In the years since, they’ve violated the expectation of privacy that they created by publicizing info that was formerly private, by defaulting people into public settings, by making some information (including the list of your FB friends) impossible to hide, and (last and least importantly) making it increasingly difficult to change one’s privacy settings.

For Zuckerberg to describe their moving target of a privacy policy as a “new product” is beyond disingenuous–it’s callous and shows wanton disregard for his users’ wishes and the expectations that he helped create, only to violate.

By the way, I’m still on Facebook for 2 reasons. First, I’ve always tried not to post things I consider truly private. This is because I was a Ph.D. candidate before the service launched, so my friends have always included a large number of colleagues, making me think twice before I post.

Second, and more importantly from a policy perspective, is the problem of network effects; the service is much more valuable than its competitors because many more of my friends and family use Facebook–and they keep using it because their friends and family keep using it, and so on. Walking away from Facebook is basically walking away from the social networking hub.

The size of the network and the centrality it plays in so many people’s lives makes it really scary that somebody with such apparent disregard for users’ best interests is in charge.

In his iconic novel “1984”, George Orwell envisioned omnipresent “telescreens” in every home, business and on every street that could be monitored by the government. These screens were especially powerful because the subject never knew when the screen was being monitored or if, in fact, monitoring ever occurred. One had to live as though one were watched at all times.

As is often the case, truth seems to lie somewhere between the totalitarianism of Orwell’s “1984” and the hedonistic consumer dystopia of Huxley’s “Brave New World.” As two recent stories point out, our actual telescreens cost hundreds of dollars and have designer labels.

The useful GPS technology that allows us to navigate our way through city streets also allows government agencies to track our movements. Not in theory, but in practice. A recent story notes that agencies have made rampant use of cellphones to track the physical movements and identities of individuals. As long as we are not up to any wrongdoing, who cares? Except that the definition of “wrongdoing” is a tricky one. One Alabama sheriff used the technology to track his daughter’s whereabouts when she stayed out too late. Even more unsettling is the story of Michigan police who used the technology to note the identities of protesters at a labor union rally. And these are just the abuses that had been reported thus far.

Having taken part in many marches and protests during the Bush years, I observed that police utilized cameras as weapons of intimidation, recording the faces of each and every protester for purposes that remain unknown. Did they do this to create a record or merely the belief that such a record might exist? Was their object to record identities, prevent illegal activity or to intimidate peaceful protesters? In any event, it seems that these tactics have moved from digital cameras to mobile telephony. So while tools like Twitter and text messaging have been used by protesters around the world to organize and mobilize, mobile telephony may be just as useful for officials to monitor protest and “chill” dissent.

Meanwhile, do you know that little camera that sits on top of your computer screen or laptop–the one that may be pointed at you right now? How do you know that nobody can see you through it? If that seems silly, then you should read this story from CBS News about a high school sophomore who was spied on in his home by his school using the webcam in a school issued laptop. In this case, the danger is that this technology is not only exploitable by overeager officials, but by child predators either within the school system or who may hack into the school’s system. That is, it might not only be Big Brother who is watching, but Big Pervert. The FBI is investigating the incident, but it is unclear if they are looking for wrongdoing or pointers.

When a Philadelphia mainline school district starts taking pages from the playbook of Orwell’s Oceania, privacy advocates and consumers should take note. With mobile computing on the rise, hundreds of millions of Americans are using objects that may be used to track their movements and to view their lives. As cameras and GPS systems become more prominent in these devices, there is every reason to suspect that our personal devices may not be as personal as they seem.

In a blog post over at The Publius Project, Judith Donath asks “Is Reputation Obsolete.” It’s a provocative piece and well worth a read. Honestly, I’ve spent the past week trying to dip into the literature on reputation systems and to call it the shallow end of the pool would be an insult to pools. It’s shocking how little attention has been done on the topic, and Donath raises a lot of interesting points about the ill-fit between present day reputation systems and the total availability of online information.

It seems to me that her post could be best rephrased as “Is Reputation Tracking Obsolete?” In that case, the answer would be a clear and definitive yes.

Reputation in its purest form is deep, contextualized, complex, and local. I have a very different reputation with my colleagues in the Sierra Club than I do with other academics, and still another one with my drinking buddies. All of those reputations are linked to different dimensions of my identity, and each is accurate in its own way. They accrue over time, and they are exceedingly difficult to scale up from local context to general form.

Online, reputational data is put at a premium, because the purer the anonymity, the worse people are bound to act. I haven’t seen any studies on this yet (I’ll get around to doing one someday, I suppose), but it’s pretty clear that when you require people to login before posting comments to a blog, they self-moderate a bit more, and when you add a Mojo system like they have at SlashDot and DailyKos, and “superuser” status contingent on high Mojo ratings, people behave better still. That’s standard “Shadow of the Future” stuff, a basic finding from game theory, and replicated in a host of experimental settings. So reputation systems incentivize good behavior while distributing the costs of punishing bad behavior. As a basic example, consider how costly eBay would be if they had to provide top-down monitoring of all transactions. Actually, you don’t need to bother considering it: without reputation tracking, there would be no eBay. Period.

So is reputation obsolete? Yes and no. The thing we need to recognize is that when you divorce reputation assessments from their local, complex, and contextualized settings, you have to rely on rough proxies to fill in the gap. Those proxies are not, themselves, reputation. When an eBay buyer ranks the seller, that tells us relatively little about the seller. When a DailyKos user contributes to a diarist’s “tip jar,” that functions as a “thumbs up.” But real reputation isn’t the aggregate of online clapping and booing. And as more diverse information becomes available online, the simplicity of aggregating clapping and booing seems like a coarse and outdated tool for measuring reputation.

I would suggest that the quality of reputation tracking is always going to hinge on three elements:

(1)relevance of the proxy data. How good of an approximation does the online rating mechanism provide?

(2)Traffic levels. I’m always entertained by low-traffic blogs that include recommended diary structures and such. Online reputation tracking assumes huge inputs, but given the power law distributions of web traffic, we know that there are only going to be a select few webspaces that obtain that level of traffic.

(3)Gaming of the system or lack thereof. This last one is long-term problematic. Any high-traffic webspace is going to represent valuable online real estate. The perverse incentives are there for actors to try to figure out the rules of the game and then innovate ways to get around them. We haven’t seen a lot of innovations in reputations systems for years, and most of the literature seems to be focused solely on eBay. So reputation tracking systems are probably obsolete at this point, simply because every system is going to have weaknesses and vulnerabilities, and there haven’t been many new developments (at least that I’m aware of — which is a decent indicator that if something great is out there, it sure hasn’t diffused very widely yet).

What we really need is reputation systems that take advantage of Metcalfe’s Law. As processing speed and memory continue to double — as Information Abundance becomes still more abundant — we need to develop reputation tracking systems that use better proxies. Donath asks whether “in a world where all action is recorded, is there still need for reputational information?” I would respond, “Yes, all the moreso!” If we broadly understand reputation data as a form of filtering and content management, we have little choice but to rely on reputation assessments, but we also need them to evolve along with the rest of the web. In a world where all action is recorded, reputational information is all the more necessary so we can sort through the mess. But likewise, as more types of data become available, we need to diversify the types of proxies we use for assessing reputation. This will be particularly true as the mobile web comes into wider use, rendering whole new classes of data available.

The real challenge lies in figuring out how to sort and use that data, particularly keeping in mind the competing needs for reputational assessment/filtering and privacy. The weaker the privacy norms, the stronger the reputation tracking can be. I don’t think I particularly want my academic or Sierra Club colleagues to know my reputation among my drinking buddies, though (or vice versa, for that matter!). The tradeoff has steeply decreasing returns at some point, and there’s an important role for public scholars like Donath in helping to identify what that point might be.

If we get our GMail/FaceBook/Yahoo! account hijacked, what can we do when the company deletes it and all our related data? If we’re connected, that’s one thing, but what about those who are not so fortunate?

There’s also the (much more often discussed) flipside: What if I want to delete my stuff forever? Thanks to redundant backup storage, “forever” is several backups away, at the earliest.

Bad news, as the Senate overwhelmingly voted to legalize President Bush’s warrantless wiretapping program and also decided not to amend a bill that would prevent telecom companies from getting immunity for giving the government access to phone records of millions of people.A quote from an article from Wired that talks about this reads:

“The bill, which expires in six years, allows the government to install
permanent wiretapping outposts in telephone and internet facilities
inside the United States without a warrant. However, if those wiretaps
are used to target Americans inside or outside of the country, the
government would have to get a court order. However, if the target is a foreigner or a foreign corporation, and they call an American or an
American calls them, no warrant is required.”

In other words, Americans are screwed, but international students and other foreigners are even more screwed.Being an international student at an American university myself sensitizes me to this problem. Consider this ability to wiretap all our phone and internet traffic without requiring a warrant in the following context:

they have to comply under the Patriot Act if the government asks them to disclose private information (including cellphone numbers)

the government also has the phone records from the telecom companies

the government doesn’t even need a warrant or court order if it decides it wants to wiretap foreigners

You do the math. International student? Check. All his/her personal and not-so-personal information? Check. Cellphone number? Check. Phone records showing who is calling who at what time for how long from where? Check. Permission to wiretap and spy at will? Check. Civil Liberties? Uhm.

On a smaller side note, it is interesting to see how the presidential candidates have voted on this. McCain voted in favor of giving telecom companies immunity. Obama voted against. Clinton decided to abstain from voting. It’s too bad I don’t get to vote in this country.

The TSA blog, Evolution of Security, is an honest-to-goodness attempt to communicate with the public and (here’s the shocker) listen to feedback.

The bloggers are employees who are free to write in a casual blogging style. One made a joke about heavy drinking in New Orleans on Fat Tuesday. Responses range from sardonic or hostile to genuinely thoughtful.

Perhaps most impressive, the agency is actually listening to (and not merely damage controlling around) citizens’ comments. Well, at least they’ve done it once thus far. In one post, they celebrate the TSA critics for ironing out some inconsistencies in their enforcement of the removal of electronics.

Some local branches had decided that ALL electronics had to be removed (if you can fit a bomb in an iPod nano…), and the blog’s commenters asked about it. This week, the TSA made sure that all local agents knew that small electronics can stay in bags.

This is an interesting exercise in e-government, and as a regular traveler, I hope they keep it up.